The present invention relates to a security module for authorizing an application to use software interfaces stored in a telecommunication terminal.
The invention relates more generally to the field of secure access to an application, in particular a value added application, to technical resources of a telecommunication terminal, or to memories of a smart card inserted into a smart card reader of a telecommunication terminal.
Generally speaking, modern mobile telephones are not considered to have a sufficiently high security profile for financial transactions of all kinds, for example banking transactions or telepurchasing.
This is why any sensitive transaction implying a security function to prevent fraud is nowadays generally effected through the intermediary of a smart card inserted into the terminal.
In particular, for carrying out highly diverse transactions, it has been proposed to equip a mobile telephone with two smart card readers, one for receiving a subscriber identification module (SIM) card to enable a call to be set up with the telecommunication network, and the other for receiving an “application” smart card in which is stored particular user information relating to an application. For example, the application card is a bank card, an electronic purse, a loyalty card or a subscription card to a remote service that can be consulted via the telecommunication terminal.
However, the above solution is found to have drawbacks, in particular because of the limited technical resources that can be provided in a smart card.
Some more sophisticated applications are no longer compatible with the computation and memory capacity of a simple smart card and necessitate intervention by the technical resources of the mobile telephone, for example its computation means, memory means, keypad or display screen.
For effective fraud prevention, carrying out a sensitive transaction, such as a financial transaction, using the technical resources of a mobile terminal cannot be envisaged if the terminal does not have a suitable security profile.
To overcome this drawback, “fraud-proof” mobile telephones have been manufactured. These are terminals operating through security software layers and having at least one smart card reader, a protected keypad, a protected screen, and a tamperproof terminal casing that renders the terminal unusable in the event of an attempt to open the casing.
However, this solution cannot be extended to all terminals, in particular mobile terminals, because it is complex and costly.
As an alternative, it has been proposed to provide terminals having different levels of security against fraud.
For example, a level “0” security profile corresponds to a terminal having no technical means of security against fraud.
Level “1” corresponds, for example, to a terminal operating through security software layers protecting against fraud.
Level “2” corresponds to a level “1” terminal further including a smart card reader for receiving an application card. In the case of a mobile telephone, this would be a second smart card reader, the first one being that for receiving the subscriber identification module card (SIM card).
Level “3” corresponds to a level “2” terminal with the further feature that its keypad and display are protected against fraud. Protecting the keypad and the display is particularly important for displaying amounts to be paid and entering secret codes, for example.
Finally, level “4” corresponds to a fraud-proof terminal as described above, and thus to a level “3” terminal with the further feature of a tamperproof casing.
The level of security against fraud of a telecommunication terminal is determined by the manufacturer and implanted therein, for example in the form of an electronic certificate stored in a read-only memory (ROM).
If a sensitive application must be downloaded from a remote server, for example, the certificate and therefore the level of the security profile of the terminal are communicated to the remote server, which adapts the execution of the application to match the level of the security profile of the terminal.
However, this solution has the drawback that security against fraud cannot be really guaranteed during execution of the application in the terminal.
Thus it is possible, when a remote application is downloaded into a telecommunication terminal having a level “3” security profile, for another, “pirate” application to run in parallel and misappropriate the downloaded application.
Furthermore, in the general field of secure access to software modules in electronic data processing, libraries of software interfaces for access to a processor or a memory, for example, are sometimes used.
It is possible to enhance the level of security against fraud by inserting a secure interface for access to a processor, a memory or an external device, for example.